14 matches found
CVE-2026-4681
A critical remote code execution RCE vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0,...
PTC Windchill Product Lifecycle Management
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...
EUVD-2026-14606
A critical remote code execution RCE vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0,...
CVE-2026-4681
A critical remote code execution RCE vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0,...
CVE-2026-4681
A critical remote code execution RCE vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0,...
CVE-2026-4681 Critical Remote Code Execution vulnerability reported in Windchill
A critical remote code execution RCE vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0,...
CVE-2026-4681 Critical Remote Code Execution vulnerability reported in Windchill
A critical remote code execution RCE vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0,...
CVE-2026-4681
CVE-2026-4681 describes a critical remote code execution in PTC Windchill and PTC FlexPLM via deserialization of untrusted data. Affected: Windchill PDMLink 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0, 13.1.1.0, 13.1.2.0, 13.1.3.0; FlexPLM 11.0 M030, 11.1 M020, 11.2.1.0...
PTC FlexPLM和PTC Windchill PDMLink 安全漏洞
PTC FlexPLM and PTC Windchill PDMLink are products of PTC, a US-based company. PTC FlexPLM is a Product Lifecycle Management system designed specifically for the retail, fashion, and clothing industries. PTC Windchill PDMLink is a Product Data Management link system used to manage and share produ...
PT-2026-27248
Name of the Vulnerable Software and Affected Versions PTC Windchill PDMLink versions 11.0 M030 through 13.1.3.0 PTC FlexPLM versions 11.0 M030 through 13.0.3.0 Description A critical remote code execution RCE issue has been identified in PTC Windchill and PTC FlexPLM. The issue stems from the...
CVE-2014-4815
Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors...
Session fixation
Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2014-4815
Session fixation vulnerability in IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1 allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2014-4815
CVE-2014-4815 affects IBM Rational Lifecycle Integration Adapter for Windchill 1.x before 1.0.1. The issue is a session fixation vulnerability that allows remote attackers to hijack web sessions via unspecified vectors. Exploitation details, affected subcomponents, and remediation steps are not d...